<?php

namespace app;

class Safe extends BaseController
{
    /**
     * 安全性检查
     * @return void
     */
    protected function initialize(): void
    {
        /**
         * 只允许GET/POST/DELETE/PUT
         */
        $method = $this->request->method() !== 'HEAD' &&
            $this->request->method() !== 'GET' &&
            $this->request->method() !== 'POST' &&
            $this->request->method() !== 'DELETE' &&
            $this->request->method() !== 'PUT';
        if ($method) {
            //TODO 违规请求
            die(CustomJsonResult(code: 405, msg: 'Method Not Allowed'));
        }
    }
}